Nation-State Actors Attacking Healthcare Institutions to Sabotage IT & OT Systems

The healthcare sector faces an unprecedented surge in cyberattacks from nation-state actors seeking to disrupt critical IT infrastructure and operational technology (OT) systems. Since early 2024, advanced persistent threat (APT) groups linked to Iran, North Korea, and China have exploited vulnerabilities in healthcare networks to deploy destructive malware, ransomware, and backdoors. These attacks aim to sabotage patient care systems, including diagnostic tools, laboratory automation, and life-support devices, while exfiltrating sensitive biomedical research data.

Silobreaker analysts recently identified a spike in malware campaigns exploiting Digital Imaging and Communications in Medicine (DICOM) protocols, which are widely used for medical imaging. In one campaign, attackers distributed trojanized DICOM viewer software, including spoofed Philips and Siemens applications, to deploy backdoors like ValleyRAT and Floxif. A February 2025 Forescout report revealed 29 malicious DICOM viewer samples designed to deploy ValleyRAT. Researchers noted that the malware’s command-and-control (C2) infrastructure overlaps with known Chinese APT clusters, including Silver Fox and Panda Burning Incense. Silobreaker’s analysis of network traffic showed beaconing intervals of 300 seconds, mimicking legitimate DICOM data transfers to evade detection.

Threat actors increasingly pivot from IT to OT systems, exploiting legacy medical devices with hardcoded passwords or unpatched libraries. For example, researchers demonstrated how attackers could inject fake tumors into CT scans by manipulating pixel data in DICOM files. A May 2025 advisory by ICS-CERT warned of memory corruption flaws in Pixmeo OsiriX MD (CVE-2025-XXXXX), which could allow attackers to crash systems or steal credentials.

The 2024 ALPHV ransomware attack on Change Healthcare disrupted 100+ critical applications, delaying prescriptions for 190 million patients. Silobreaker’s threat intelligence platform highlights ongoing campaigns exploiting CVE-2023-34362 (MOVEit) and Citrix vulnerabilities, underscoring the need for proactive patch management.

Healthcare institutions are advised to segment IT/OT networks, enforce multi-factor authentication for DICOM systems, and monitor for anomalous PowerShell activity. As nation-state actors refine their tactics, integrating threat intelligence into incident response plans becomes a lifeline for patient safety.

Tushar is a cyber security content editor with a passion for creating captivating and informative content. With years of experience under his belt in cyber security, he is covering cyber security news, technology and other news.
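The fixed 300-second beaconing interval reported above lends itself to a periodicity check over flow logs. The following Python is an added example, not code from Silobreaker or the article; the flow records, addresses, and thresholds are constructed assumptions.

```python
from collections import defaultdict
from statistics import mean, pstdev

# Constructed sample flow records: (epoch_seconds, src_ip, dst_ip, dst_port).
# All addresses are private or documentation ranges; none come from the article.
FLOWS = (
    # Imaging workstation contacting an external host roughly every 300 s.
    [(1000 + 300 * i + j, "10.20.0.15", "203.0.113.50", 443)
     for i, j in enumerate([0, 2, -1, 1, 0, -2, 1, 0])]
    # Modality pushing studies to a PACS at irregular, workload-driven times.
    + [(t, "10.20.0.30", "10.20.0.5", 104)
       for t in (1010, 1090, 1700, 1750, 2900, 3100, 3130, 4000)]
    # Pair with too few connections to judge periodicity.
    + [(1000, "10.20.0.40", "198.51.100.7", 443),
       (1300, "10.20.0.40", "198.51.100.7", 443)]
)


def find_beacons(flows, period=300.0, tolerance=15.0, max_jitter=10.0,
                 min_events=6):
    """Return (src, dst, port, mean_gap, jitter) for each src/dst/port
    tuple whose connections repeat at a near-constant gap close to `period`."""
    by_pair = defaultdict(list)
    for ts, src, dst, port in flows:
        by_pair[(src, dst, port)].append(ts)

    hits = []
    for (src, dst, port), times in by_pair.items():
        if len(times) < min_events:
            continue  # not enough samples to estimate an interval
        times.sort()
        gaps = [float(b - a) for a, b in zip(times, times[1:])]
        avg, jitter = mean(gaps), pstdev(gaps)
        # Flag only when the mean gap is near the period AND the spread is
        # small; bursty clinical traffic fails one or both conditions.
        if abs(avg - period) <= tolerance and jitter <= max_jitter:
            hits.append((src, dst, port, round(avg, 1), round(jitter, 1)))
    return sorted(hits)


if __name__ == "__main__":
    for hit in find_beacons(FLOWS):
        print("possible beacon: %s -> %s:%d mean=%.1fs jitter=%.1fs" % hit)
```

Hits are triage leads rather than verdicts, since legitimate scheduled polling also produces regular intervals; correlate with the destination's reputation and the process that opened the connection.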

This Cyber News was published on cybersecuritynews.com. Publication date: Thu, 15 May 2025 08:39:52 +0000

